Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: allow configuring min tls for grpc #706

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

feat: allow configuring min tls for grpc #706

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions keda/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ their default values.
| `http.minTlsVersion` | string | `"TLS12"` | The minimum TLS version to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and this value does not necessarily apply to them) |
| `http.timeout` | int | `3000` | The default HTTP timeout to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and the timeout does not necessarily apply to them) |
| `image.pullPolicy` | string | `"Always"` | Image pullPolicy for all KEDA components |
| `grpc.minTlsVersion` | string | `"TLS13"` | The minimum TLS version to use for all GRPC clients/servers |
| `imagePullSecrets` | list | `[]` | Name of secret to use to pull images to use to pull Docker images |
| `networkPolicy.cilium` | object | `{"operator":{"extraEgressRules":[]}}` | Allow use of extra egress rules for cilium network policies |
| `networkPolicy.enabled` | bool | `false` | Enable network policies |
Expand Down
2 changes: 2 additions & 0 deletions keda/templates/manager/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,8 @@ spec:
value: {{ .Values.http.timeout | quote }}
- name: KEDA_HTTP_MIN_TLS_VERSION
value: {{ .Values.http.minTlsVersion }}
- name: KEDA_GRPC_MIN_TLS_VERSION
value: {{ .Values.grpc.minTlsVersion }}
{{- if ( not .Values.http.keepAlive.enabled ) }}
- name: KEDA_HTTP_DISABLE_KEEP_ALIVE
value: "true"
Expand Down
2 changes: 2 additions & 0 deletions keda/templates/metrics-server/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,8 @@ spec:
value: {{ .Values.http.timeout | quote }}
- name: KEDA_HTTP_MIN_TLS_VERSION
value: {{ .Values.http.minTlsVersion }}
- name: KEDA_GRPC_MIN_TLS_VERSION
value: {{ .Values.grpc.minTlsVersion }}
{{- if ( not .Values.http.keepAlive.enabled ) }}
- name: KEDA_HTTP_DISABLE_KEEP_ALIVE
value: "true"
Expand Down
4 changes: 4 additions & 0 deletions keda/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -544,6 +544,10 @@ http:
# -- The minimum TLS version to use for all scalers that use raw HTTP clients (some scalers use SDKs to access target services. These have built-in HTTP clients, and this value does not necessarily apply to them)
minTlsVersion: TLS12

grpc:
# -- The minimum TLS version to use for GRPC clients / servers
minTlsVersion: TLS13

## This setting lets you enable profiling for all of the components of KEDA and in the specific port you choose
## This can be useful when trying to investigate errors like memory leaks or CPU or even look at goroutines to understand better
## This setting is disabled by default
Expand Down
Loading